Moderator

On a security standpoint - they are the same.
Which one you choose is ultimately up to you - I'd say going with CloudFlare is easier - and has the advantage of also being a CDN. However, if your host uses cPanel and has enabled AutoSSL - going with Let'sEncrypt is just as easy (but no CDN).

Well-known member

On a security standpoint - they are the same.
Which one you choose is ultimately up to you - I'd say going with CloudFlare is easier - and has the advantage of also being a CDN. However, if your host uses cPanel and has enabled AutoSSL - going with Let'sEncrypt is just as easy (but no CDN).

See this guide: https://letsencrypt.org/getting-started/
If your host uses cPanel and has it updated will have AutoSSL, which has the ability to be Let's Encrypt issued. You're best off contacting your host.

Some providers offer the option of a shared free SSL such as Comodo,symantec, etc,.. for their shared hosting accounts, which would be a better option than a free self-signed SSL. If your hosting provider doesn't offer Letsencrypt its better to contact them or buy a cheap Positive SSL for around 10$/year.

Well-known member

LetsEncrypt is a real SSL that encrypts traffic between your site and your server, giving your visitors privacy.

Cloudflare SSL is a certificate that you share with lots of other websites, it will encrypt traffic between your site and cloudflare but it's then unencrypted when it hits the cloudflare network. If you also have an SSL certificate installed on your site it'll then be encrypted again and sent to the server, if not then the request is sent directly to the server.

Active member

I don't see why that would cause conflicts on your site...
Also, for Cpanel hosted accounts, once you enable their AutoSSL websites are automatically secured with the Domain Validated SSL certificate. https://blog.cpanel.com/autossl/

Some providers offer the option of a shared free SSL such as Comodo,symantec, etc,.. for their shared hosting accounts, which would be a better option than a free self-signed SSL. If your hosting provider doesn't offer Letsencrypt its better to contact them or buy a cheap Positive SSL for around 10$/year.

Member

We have been using Lets encrypt SSL and no hard work at all. It going fine with all cpanel users and automatically renew after the grace period ends. I'm not confident with cloudflare ssl may be I am more comfortable with what cpanel provides.

New member

While Let's Encrypt looks like a really good and simple solution for SSL, CloudFlare has the advantage of being a Content Delivery Network which should come with the advantage of speeding up the forum a bit.

New member

Does the CloudFlare come on the free plan, would be interested to know. And also I think we should say RIP to Let's Encrypt as browsers are soon to notice the free SSL - I say Google will be the pioneers of this.

Well-known member

Hey there, LetsEncrypt SSLs are high-grade SSL certificates that pass https://www.ssllabs.com/ssltest/ standards. If you have letsencrypt ssl that is installed perfectly you will get a+ grade domain validates SSL. This is more than enough and it also work seamlessly with http2 and other latest protocols and http strict transport protocol.

On the other hand cloudflare is not completely end to end encrypted. IT gives flexible ssl , full ssl and origin pull ssl. In these options only felxible ssl is 1 click. And easy to setup for normal users, other methods need technical knowledge and most users cannot install origin pull certificates, because they do not know how to setup it properly.

Now, flexible ssl enrypts traffic only in between your users browsers and cloudflare. But end to end encytpion means, user<->cloudflare<->yoursever all traffic must pass in enrcypted layer. So, cloudflare is not preferable to use for SSL from security point of view. Another thing is there are lots of issues with cloudflare

1. If you use cloudflare dns and cdn and ssl then https://yourdomain.com/cpanel will result in broken interface. As cloudflare caching does not work properly with cpanel.
2. In some countries or regions, cloudflare servers are not optimal (free plan) and they perfom much slow than your original server.
3. Felixble SSL does not encrypt end to end communication, so man in the middle attacks are still possible
4. Cloudflare offer shared SSL certificates in free user plan, so its not as good ad they paid plan SSL.
5. If you are wordpress user and looking to optimize for Google page speed score, you will find it difficult to use plugins like w3tc and cloudflare in combination with https..seems to not work as expected as per our testing.

If you have letsencrypt ssl installation offered by your web hosting company. Use letsencrypt and enjoy the best security for free.

Thanks

Rank My Hub. Professional Web Hosting, Web Designing, Web Development, Digital Marketing and Online Business IT Consulting company. Get in touch with us today for professional products and services to grow your business online.

Global Mod

Now, flexible ssl enrypts traffic only in between your users browsers and cloudflare. But end to end encytpion means, user<->cloudflare<->yoursever all traffic must pass in enrcypted layer. So, cloudflare is not preferable to use for SSL from security point of view. Another thing is there are lots of issues with cloudflare

The only difference between shared SSL and paid plans is the domain associated with the SSL certificate. But it doesn't have any impact on the security. All my websites score A+ at ssllabs.com with Cloudflare SSL.

If you are wordpress user and looking to optimize for Google page speed score, you will find it difficult to use plugins like w3tc and cloudflare in combination with https..seems to not work as expected as per our testing.

Yes, you are right, but normal users who are not technically knowledged enough to install self signed ssl at server end and then enable full (strict) mode on cloudflare end.They may not be able to setup that strict ssl part. So that is my point, its the ease of use, that matters to users at the end of the day and your point is valid.

W3TC is needed not just for caching alone, but also for database caching, fragment caching redis and some other stuff, so cloudflare does not work when user need to use w3tc and cloudflare together.

There will be some people who will want to get 100/100 score on page speed insghts, then in that case with cloudflare its not possible. As assets are not in our control. Where as if we do not use cloudflare we can achive this 100/100 score and we did already once.

So this is like special case and may not apply to everyone, but from majority of peoples view, for them using w3tc is more important due to various reasons. All in all cloudflare as free service is doing its job, but letsencrypt adds more compitability with things. So my vote goes for letsencrypt in this case.

Thank you.

Lets see what the thread opener says.

Last edited: Mar 27, 2017

Rank My Hub. Professional Web Hosting, Web Designing, Web Development, Digital Marketing and Online Business IT Consulting company. Get in touch with us today for professional products and services to grow your business online.

Global Mod

Yes, you are right, but normal users who are not technically knowledged enough to install self signed ssl at server end and then enable full (strict) mode on cloudflare end.They may not be able to setup that strict ssl part. So that is my point, its the ease of use, that matters to users at the end of the day and your point is valid.

If users can install letsencrypt certificates, they can easily install Cloudflare SSL full.

W3TC is needed not just for caching alone, but also for database caching, fragment caching redis and some other stuff, so cloudflare does not work when user need to use w3tc and cloudflare together.

There will be some people who will want to get 100/100 score on page speed insghts, then in that case with cloudflare its not possible. As assets are not in our control. Where as if we do not use cloudflare we can achive this 100/100 score and we did already once.

So this is like special case and may not apply to everyone, but from majority of peoples view, for them using w3tc is more important due to various reasons. All in all cloudflare as free service is doing its job, but letsencrypt adds more compitability with things. So my vote goes for letsencrypt in this case.

Well-known member

Let's assume you are in scenario of free SSL. In such case compared to Cloudflare, you are better off with the Let's encrypt. Because the free plans have their SSL limitations with cloudflare. And for this reason you can make use of the Let's encrypt SSL. You get everything that is being offered by the Cloudflare and even more. You can try cloudflare and if you don't find it useful enough, you can switch to Let's encrypt in Cpanel.

About Us

ForumWeb.Hosting is a web hosting forum where you’ll find in-depth discussions and resources to help you find the best hosting providers for your websites or how to manage your hosting whether you are new or experienced. You’ll find it all here. With topics ranging from web hosting, internet marketing, search engine optimization, social networking, make money online, affiliate marketing as well as hands-on technical support for web design, programming and more. We are a growing community of like-minded people that is keen to help and support each other with ambitions and online endeavors. Learn and grow, make friends and contacts for life.